Hi all,
I am developing a web application in ASP.Net 2.
The landing page is a login page with two other pages "Contact Us" and
"Password Reminder" that allow anonymous access. When the user is
loged in and accessing other pages, upon session timeout, the user
must be redirected to the login page unless he/she is allready in the
login page or one of the anonymous pages.
I have the following code in my Global.asax file.
protected void Session_Start(object sender, EventArgs e)
{
string request_cookies = Request.Headers["Cookie"];
if ((null != request_cookies) && (request_cookies.IndexOf
("ASP.NET_SessionId") >= 0))
{
string lastLocation = Request.FilePath;
switch (lastLocation)
{
case "/Login.aspx":
case "/ContactUs.aspx":
case "/PasswordRetrieve.aspx":
return;
default:
Response.Redirect("~/Login.aspx?timeout=1");
break;
}
}
}
This works well when running in debug mode / .Net environment. When
session is timed out, the user is successfully redirected to the login
page. The login page then uses the following code to activate a label
indicating that timeout has occured...
protected void Page_Load(object sender, EventArgs e)
{
if (Request.Params["logout"] == "1")
{
Session.Remove("CurrentUser");
}
if (Request.Params["timeout"] == "1")
{
lblTimeout.Visible = true;
}
}
Like I said, all this works fine in debug mode, but when hosted in IIS
6, upon timeout, the user is redirected to the login screen, but it
seems an infinite loop of some kind is occuring and it keeps
redirecting to the login page even thoug it is allready there. As if
the login page keeps posting back.
Has anyone experienced this before? Any solutions?
Regards.
